- All files in one directory - hard to find anything
- All return values of all functions are checked and handled in some way,
which is good, except:
- Handling each memory allocation failure separately is IMHO extremely
useless and makes the code look very ugly. Sometimes failure kills the
program, sometimes it loops forever until it gets the memory and
sometimes the function just returns failure. Is it really that bad if
the program would always just die? It's not like this would happen very
often (if ever), and the program will always be automatically restarted
anyway if it dies.
- There's gotos everywhere.
- Using K&R headers. ANSI C looks much better and can better detect
errors. You can even convert ANSI C -> K&R using for example
- Code is difficult to follow, it has neither comments nor is
self-documenting, and in general looks pretty ugly.
- However DJB seems to be capable of keeping his code secure - there's
never been found any exploits even while there's the
$500 security guarantee
- License problems - you're not allowed to distribute modified versions
of djb software.
- djb isn't very nice person :) Though if the software is good this
should be no reason not to use it.